We performed a comparison between Microsoft Defender for Business and Microsoft Defender for Endpoint based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Additionally, when it comes to EDR, there are more tools available to assist with client work."
"Fortinet has helped free up around 20 percent of our staff's time to help us out."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The most valuable feature is the analysis, because of the beta structure."
"The product detects and blocks threats and is more proactive than firewalls."
"If you're an Intune user, you can bring in certain capabilities like system-hardening policies, which further enhances the security."
"It is scalable."
"Microsoft Defender for Business is good for small and medium-sized businesses. It offers solid security flexibility and integration with tools like Microsoft Lighthouse and some other software. It takes some of the features of Defender for Endpoint EDR and provides those services for small and medium-sized business environments."
"The interface is quite user-friendly."
"A few things are valuable. One is the alerting we see when any kind of intrusion is happening, any kind of malware is being deployed across the endpoints, or any kind of suspicious activity is going on. We have a footprint across all of North America, Canada, and Mexico, so we want to make sure that all our endpoints are protected and we are able to look for any anomalous activity."
"The scalability is good."
"This is not an inventory solution, but it helps you take count of how many workstations you have, as well as what software is installed on each of them."
"The comprehensiveness of Microsoft threat-protection products is great... Today, Microsoft Sentinel by itself is a leading Gartner SIEM tool. It has advantages over competitors because of the ability to integrate with Microsoft solutions and automate continuous monitoring of Microsoft AD and Office 365 data."
"Microsoft Defender for Endpoint is different from other security tools because we can configure it to use multiple types of scanning or archiving."
"You have endpoint security to keep your devices safe. That's the feature that we're interested in."
"The antivirus is the most valuable feature."
"The patch updates and version updates are very good. Those happen on an automated basis whenever I'm connecting to the organization network, either through LAN or through the VPN."
"The features I have found most valuable are the ransomware and malware protection. The solution detects malware live and whenever it detects suspicious activity, it quarantines it."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"The solution is not stable."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The support needs improvement."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"We'd like to see more one-to-one product presentations for the distribution channels."
"ZTNA can improve latency."
"The biggest one is that Defender needs to be more proactive to the emerging threats. There can be tighter integration with email, especially how it integrates with our email system, which is the Microsoft Outlook suite. There should be the ability to react a lot quicker to emerging threats because sometimes, it takes a few days before some of these new threats are fully identified, and we need that to be a few hours."
"The security could always be improved."
"We faced some issues while running some applications on Mac."
"Defender's threat protection should be fine-tuned to reduce false positives. It could be more targeted, reflecting a continuous evolution in detecting. Also, it could be easier to integrate into other environments."
"Defender's reporting is rather scattered, and its URL filtering mechanism doesn't really work."
"Microsoft Defender for Endpoint is effective for validating work, but not ideal for investigations."
"Microsoft Defender for Endpoint could provide us with a more holistic approach, such as collaboration. They can provide us with an environment from where we can manage all the endpoints from one central location, such as overall management."
"A challenge is that it is not a multi-tenant solution. Microsoft's tenant is a licensed tenant. I'm an MSSP. So, I have multiple customers. In Microsoft's world, that means that I can't just buy an E5 license and give that out to all my customers. That won't work because all of the customer data resides within a single tenant in Microsoft's world. Other products—such as SentinelOne, Palo Alto Cortex, CrowdStrike, et cetera—are multi-tenant. So, I can have it at the top of the pyramid for my analyst to look into it and see all the customers, but each customer's data is separate. If the customer wants to look at what we see, they would only see their data, whereas in the Microsoft world, if I've got multiple customers connected to the same Microsoft tenant, they would see everybody else's data, which is a privacy problem in Europe. It is not possible to share the data, and it is a breach of privacy."
"The onboarding and deployment could be more user-friendly, and there is room to grow in some of the reports. I don't want them to be oversimplified or overly complex, but there is room for improvement in the reporting it can do. It's relatively minor."
"Notifications are always popping up — I hate that."
"There are alternative solutions that offer a greater range of dashboard insights when compared to Microsoft Defender for Endpoint."
"The application control feature requires improvement."
"Auto recovery is the most important feature that we would need from this solution. For decryption, similar to Malwarebytes, there should be something to be able to recover the data up to the last normal status. Its ability to recover data to the last normal copy must not exceed 5 to 10 minutes."
More Microsoft Defender for Business Pricing and Cost Advice →
More Microsoft Defender for Endpoint Pricing and Cost Advice →
Microsoft Defender for Business is ranked 45th in Endpoint Protection Platform (EPP) with 5 reviews while Microsoft Defender for Endpoint is ranked 1st in Endpoint Protection Platform (EPP) with 182 reviews. Microsoft Defender for Business is rated 8.0, while Microsoft Defender for Endpoint is rated 8.0. The top reviewer of Microsoft Defender for Business writes "Quicker response time, improved security posture, and reduced alerts". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Eliminates the need to look at multiple dashboards by automatically providing one XDR dashboard to show the security score of each subscription". Microsoft Defender for Business is most compared with HP Wolf Security, Microsoft Defender for Office 365, Microsoft Intune, SentinelOne Singularity Complete and Symantec Endpoint Security Complete, whereas Microsoft Defender for Endpoint is most compared with Symantec Endpoint Security, Intercept X Endpoint, SentinelOne Singularity Complete, CrowdStrike Falcon and Microsoft Intune. See our Microsoft Defender for Business vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Microsoft Security Suite vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.